Threat Intelligence Analyst
Grade 11 (for internal purposes)
The Impact:
SPGI has identified Information Security as a key business differentiator, and it has garnered attention at a Board level. As part of that program, the Threat Intelligence team provides sensitive and early access to threat intelligence, which allows the organization to be proactive instead of reactive. This can be done through proactively blocking malicious software, preventing Advanced Persistent Threat (APT) actors from gaining a foothold in our network, or notifying the business about imminent threats. Threat Intelligence also collaborates very closely with the Security Operations Center, the Incident Response Team, Legal, and Corporate Communications to support a variety of initiatives, including responding to major incidents that could have a material impact if not well detected, contained and remediated.
Responsibilities
The Threat Intelligence Analyst will use all sources of technical data collection and analysis in order to produce a common operating picture of intrusion or threat related activity. This includes developing and maintaining new technical and non-technical sources of information, threat research, threat profile development, analysis, briefings, and warnings. You will collaborate with peers within the team, across the organization, and across organizational lines to work with industry peers.
- Strong collaborative skills and proven ability to work in a diverse global team of security professionals
- Strong organizational skills and mentoring
- Strong verbal and written skills in English
- Excellent interpersonal skills
S&P Global Corporate
- Experience with threat intelligence tools & management platforms
- Knowledge of the MITRE ATT&CK Framework, Cyber Kill Chain
- Experience with collecting, analyzing, and interpreting data from multiple sources, documenting the results and providing meaningful analytic products
- Knowledge of the methods, procedures, and techniques of gathering information and producing, reporting, and sharing intelligence
- Demonstrated knowledge of common adversary tactics, techniques, and procedures (TTPs)
- Knowledge of the intelligence community, law enforcement, and trust groups/communities
- Knowledge of information technology, including networking, architecture, protocols, file systems and operating systems
- Knowledge of network security technologies, log formats, SIEM technologies, and security operations
- Excellent communication and collaboration skills
- Scripting and programming experience in Python, SQL/NoSQL, and shell scripting is desirable
At S&P Global, we don't give you intelligence-we give you essential intelligence. The essential intelligence you need to make decisions with conviction. We're the world's foremost provider of ratings, benchmarks and analytics in the global capital and commodity markets. Our divisions include:
- S&P Global Ratings, which provides credit ratings, research and insights essential to driving growth and transparency.
- S&P Global Market Intelligence, which provides insights into companies, markets and data so that business and financial decisions can be made with conviction.
- S&P Dow Jones Indices, the world's largest resource for iconic and innovative indices, which helps investors pinpoint global opportunities.
- S&P Global Platts, which equips customers to identify and seize opportunities in energy and commodities, stimulating business growth and market transparency.
S&P Global is an equal opportunity employer committed to making all employment decisions without regard to race/ethnicity, gender, pregnancy, gender identity or expression, color, creed, religion, national origin, age, disability, marital status (including domestic partnerships and civil unions), sexual orientation, military veteran status, unemployment status, or other legally protected categories, subject to applicable law.